Lucene search
+L

3 matches found

OSV
OSV
added 2023/07/06 9:15 p.m.20 views

GHSA-2RX4-9F5H-9GJF Apache Airflow CNCF Kubernetes Provider: KubernetesPodOperator RCE via connection configuration

Arbitrary code execution in Apache Airflow CNCF Kubernetes provider version 5.0.0 allows user to change xcom sidecar image and resources via Airflow connection. In order to exploit this weakness, a user would already need elevated permissions Op or Admin to change the connection object in this...

7.2CVSS7.1AI score0.01531EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/05/30 10:56 a.m.15 views

CVE-2023-33234 Apache Airflow CNCF Kubernetes Provider: KubernetesPodOperator RCE via connection configuration

Arbitrary code execution in Apache Airflow CNCF Kubernetes provider version 5.0.0 allows user to change xcom sidecar image and resources via Airflow connection. In order to exploit this weakness, a user would already need elevated permissions Op or Admin to change the connection object in this...

7.4AI score0.01531EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/30 10:56 a.m.19 views

CVE-2023-33234 Apache Airflow CNCF Kubernetes Provider: KubernetesPodOperator RCE via connection configuration

Arbitrary code execution in Apache Airflow CNCF Kubernetes provider version 5.0.0 allows user to change xcom sidecar image and resources via Airflow connection. In order to exploit this weakness, a user would already need elevated permissions Op or Admin to change the connection object in this...

7.2AI score0.01531EPSS
Exploits0References1
Rows per page
Query Builder